CVE-2019-2001

🗓️ 28 Feb 2019 17:29:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 29 Views

The world-readable permissions on /proc/iomem can lead to local information disclosure in Android kerne

Reporter	Title	Published	Views	Family All 9
Android Security Bulletins	Android Security Bulletin — February 2019Stay organized with collectionsSave and categorize content based on your preferences.	4 Feb 201900:00	–	androidsecurity
CNVD	Google Android Kernel Component Information Disclosure Vulnerability (CNVD-2019-07369)	13 Feb 201900:00	–	cnvd
CVE	CVE-2019-2001	28 Feb 201917:00	–	cve
Cvelist	CVE-2019-2001	28 Feb 201917:00	–	cvelist
EUVD	EUVD-2019-11643	7 Oct 202500:30	–	euvd
NVD	CVE-2019-2001	28 Feb 201917:29	–	nvd
OSV	UBUNTU-CVE-2019-2001	28 Feb 201917:29	–	osv
Prion	Information disclosure	28 Feb 201917:29	–	prion
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2019-2001	19 Aug 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	16.04	any	linux-aws	4.4.0-1026.35	linux-aws_4.4.0-1026.35_any.deb
Ubuntu	14.04	any	linux	3.13.0-125.174	linux_3.13.0-125.174_any.deb
Ubuntu	16.04	any	linux	4.4.0-87.110	linux_4.4.0-87.110_any.deb
Ubuntu	14.04	any	linux-lts-xenial	4.4.0-87.110~14.04.1	linux-lts-xenial_4.4.0-87.110~14.04.1_any.deb
Ubuntu	16.04	any	linux-raspi2	4.4.0-1065.73	linux-raspi2_4.4.0-1065.73_any.deb
Ubuntu	16.04	any	linux-snapdragon	4.4.0-1067.72	linux-snapdragon_4.4.0-1067.72_any.deb
Ubuntu	16.04	any	linux-fips	4.4.0-1017.22~recert1	linux-fips_4.4.0-1017.22~recert1_any.deb

Source	Link
source	www.source.android.com/security/bulletin/2019-02-01
github	www.github.com/LineageOS/android_kernel_google_marlin/commit/b5fe5504464e5e5fc25c175cf2bfbab54f70a01d
cve	www.cve.org/CVERecord

25 Sep 2025 09:14Current

6.7Medium risk

Vulners AI Score6.7

CVSS 22.1

CVSS 35.5

EPSS0.00019

android information disclosure local /proc/iomem permissions cve-2019-2001 kernel